For a deeper dive into the Webhooks feature of Kaleido Connect, please refer to the kaleido-io/ethconnect OSS project page on Github.

JSON/RPC

This is the low-level API exposed by the Ethereum node. Most applications will leverage an Ethereum-compatible client library to send transactions to the node, rather than communicating directly over JSON/RPC.

The JSON/RPC client libraries that have been validated against Kaleido nodes include:

Kafka

If you are building an application to exploit the asynchronous nature of Ethereum, or you have an Enterprise Service Bus (ESB) or other Enterprise Application Integration (EAI) tier in your architecture, you might consider streaming transactions into Kaleido directly over the reliable Kafka message bus built into the platform.

You can learn more about the Kafka feature of Kaleido Connect at the kaleido-io/ethconnect OSS project page on Github.

Topology and details

Each environment is created against the membership list defined within the consortium

Nodes are generated on behalf of a membership and within the context of an environment

App credentials are confined to a specific environment and, by extension, to the member nodes within that environment

The hierarchy can be seen as “Consortium” -> “Environment” -> “App Credentials”

App credentials CANNOT be leveraged across environments

Each environment supports up to 10 app credentials per the resource limitations of the default plan

Nodes can leverage multiple app credentials within the same environment. For example, take Environment A with member1.node and two app credentials – member1.appcreds.A & member1.appcreds.B. Both credentials can be used to connect to the member1.node within Environment A.

Generating the credentials

There are two approaches for generating the Basic Auth credentials – the user interface or the administrative API.

UI

The previous section, Create your network, outlines the instructions for generating these credentials. To recap:

Navigate to an existing environment within your consortium

Click the Create dropdown at the top right of the screen and select New App Credentials

Choose a membership for the credentials and optionally provide a name. You will only be able to create credentials for memberships owned by your organization.

When creating multiple sets of credentials, it is strongly recommended to supply a value for the name field. Click Next

Take note of the username and password. The password is generated by the Kaleido platform but is not stored by the backend (Kaleido only stores a salted hash for the password in order to validate it during login). As such, it is your responsibility to record this password and keep it in a safe place. If you lose the secret then you will have to recreate the credentials.

Credentials under your control will appear at the bottom of the environment panel.

REST API

The API 101 tutorial walks through the process of using the administrative API key to exercise privileged API calls to the Kaleido backend. To recap:

generate an API Key for your account and set APIKEY, APIURL, HDR_AUTH and HDR_CT as environment variables. Alternatively you can pass in the full values for each of these fields.

retrieve the membership details for your consortium. The following snippet assumes that the CONSORTIUM variable has been properly set:

send a POST to the /appcreds API with the targeted membership ID and an optional name in the body of the call. The following snippet assumes that both the CONSORTIUM and ENVIRONMENTvariables have been properly set:

Examples

The Public & Private Transactions and Truffle tutorials provide thorough exposition on credential generation and URL construction. Each sample demonstrates how to leverage the Ethereum accessible web3 javascript API along with a Kaleido node endpoint and basic auth credentials to send external calls.

web3 syntax

Web3 requires the provider object and a specified connection protocol to communicate with a node. The Kaleido platform exposes the http and web socket endpoints for every node, which can be used accordingly with the web3-providers-http and web3-providers-ws sub packages for external connection.

The Web3.providers.HttpProvider method accepts one of two valid formats: